iadd OpenBSD unveil support - stagit-gemini - Stagit for gemini protocol Openbsd Err thinkerwim.openbsd.amsterdam 70 hgit clone git://thinkerwim.org/stagit-gemini.git URL:git://thinkerwim.org/stagit-gemini.git thinkerwim.org 70 1Log /git/stagit-gemini/log.gph thinkerwim.org 70 1Files /git/stagit-gemini/files.gph thinkerwim.org 70 1Refs /git/stagit-gemini/refs.gph thinkerwim.org 70 1README /git/stagit-gemini/file/README.gph thinkerwim.org 70 1LICENSE /git/stagit-gemini/file/LICENSE.gph thinkerwim.org 70 i--- Err thinkerwim.openbsd.amsterdam 70 1commit 2d17ff69d90329bbbfadbf258f4a22f26358943b /git/stagit-gemini/commit/2d17ff69d90329bbbfadbf258f4a22f26358943b.gph thinkerwim.org 70 1parent 44e1ef57a375794bea37555ac1bc417d37156caf /git/stagit-gemini/commit/44e1ef57a375794bea37555ac1bc417d37156caf.gph thinkerwim.org 70 hAuthor: Hiltjo Posthuma URL:mailto:hiltjo@codemadness.org thinkerwim.org 70 iDate: Sun, 22 Dec 2019 12:52:49 +0100 Err thinkerwim.openbsd.amsterdam 70 i Err thinkerwim.openbsd.amsterdam 70 iadd OpenBSD unveil support Err thinkerwim.openbsd.amsterdam 70 i Err thinkerwim.openbsd.amsterdam 70 iThe unveil() system call first appeared in OpenBSD 6.4. Err thinkerwim.openbsd.amsterdam 70 i Err thinkerwim.openbsd.amsterdam 70 iFor stagit-gopher it has the following properties now: Err thinkerwim.openbsd.amsterdam 70 i Err thinkerwim.openbsd.amsterdam 70 i- stagit-gopher-index: only read-access to the file-system for the specified Err thinkerwim.openbsd.amsterdam 70 i directories/repositories. Err thinkerwim.openbsd.amsterdam 70 i- stagit-gopher: read-access to the specified directory/repository. Err thinkerwim.openbsd.amsterdam 70 i read-write and creation access to the current directory for the output files. Err thinkerwim.openbsd.amsterdam 70 i read-write and creation access to the specified cache file Err thinkerwim.openbsd.amsterdam 70 i Err thinkerwim.openbsd.amsterdam 70 iDiffstat: Err thinkerwim.openbsd.amsterdam 70 i M stagit-gopher-index.c | 4 ++++ Err thinkerwim.openbsd.amsterdam 70 i M stagit-gopher.c | 7 +++++++ Err thinkerwim.openbsd.amsterdam 70 i Err thinkerwim.openbsd.amsterdam 70 i2 files changed, 11 insertions(+), 0 deletions(-) Err thinkerwim.openbsd.amsterdam 70 i--- Err thinkerwim.openbsd.amsterdam 70 1diff --git a/stagit-gopher-index.c b/stagit-gopher-index.c /git/stagit-gemini/file/stagit-gopher-index.c.gph thinkerwim.org 70 i@@ -219,6 +219,10 @@ main(int argc, char *argv[]) Err thinkerwim.openbsd.amsterdam 70 i git_libgit2_init(); Err thinkerwim.openbsd.amsterdam 70 i Err thinkerwim.openbsd.amsterdam 70 i #ifdef __OpenBSD__ Err thinkerwim.openbsd.amsterdam 70 i+ for (i = 1; i < argc; i++) Err thinkerwim.openbsd.amsterdam 70 i+ if (unveil(argv[i], "r") == -1) Err thinkerwim.openbsd.amsterdam 70 i+ err(1, "unveil: %s", argv[i]); Err thinkerwim.openbsd.amsterdam 70 i+ Err thinkerwim.openbsd.amsterdam 70 i if (pledge("stdio rpath", NULL) == -1) Err thinkerwim.openbsd.amsterdam 70 i err(1, "pledge"); Err thinkerwim.openbsd.amsterdam 70 i #endif Err thinkerwim.openbsd.amsterdam 70 1diff --git a/stagit-gopher.c b/stagit-gopher.c /git/stagit-gemini/file/stagit-gopher.c.gph thinkerwim.org 70 i@@ -1177,6 +1177,13 @@ main(int argc, char *argv[]) Err thinkerwim.openbsd.amsterdam 70 i git_libgit2_init(); Err thinkerwim.openbsd.amsterdam 70 i Err thinkerwim.openbsd.amsterdam 70 i #ifdef __OpenBSD__ Err thinkerwim.openbsd.amsterdam 70 i+ if (unveil(repodir, "r") == -1) Err thinkerwim.openbsd.amsterdam 70 i+ err(1, "unveil: %s", repodir); Err thinkerwim.openbsd.amsterdam 70 i+ if (unveil(".", "rwc") == -1) Err thinkerwim.openbsd.amsterdam 70 i+ err(1, "unveil: ."); Err thinkerwim.openbsd.amsterdam 70 i+ if (cachefile && unveil(cachefile, "rwc") == -1) Err thinkerwim.openbsd.amsterdam 70 i+ err(1, "unveil: %s", cachefile); Err thinkerwim.openbsd.amsterdam 70 i+ Err thinkerwim.openbsd.amsterdam 70 i if (cachefile) { Err thinkerwim.openbsd.amsterdam 70 i if (pledge("stdio rpath wpath cpath fattr", NULL) == -1) Err thinkerwim.openbsd.amsterdam 70 i err(1, "pledge"); Err thinkerwim.openbsd.amsterdam 70 .